1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.DuplicatePasswordPolicyException;
26  import com.liferay.portal.NoSuchPasswordPolicyRelException;
27  import com.liferay.portal.PasswordPolicyNameException;
28  import com.liferay.portal.PortalException;
29  import com.liferay.portal.RequiredPasswordPolicyException;
30  import com.liferay.portal.SystemException;
31  import com.liferay.portal.kernel.util.OrderByComparator;
32  import com.liferay.portal.kernel.util.StringPool;
33  import com.liferay.portal.kernel.util.Validator;
34  import com.liferay.portal.model.Organization;
35  import com.liferay.portal.model.PasswordPolicy;
36  import com.liferay.portal.model.PasswordPolicyRel;
37  import com.liferay.portal.model.ResourceConstants;
38  import com.liferay.portal.model.User;
39  import com.liferay.portal.security.ldap.PortalLDAPUtil;
40  import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
41  import com.liferay.portal.util.PropsValues;
42  
43  import java.util.Date;
44  import java.util.List;
45  
46  /**
47   * <a href="PasswordPolicyLocalServiceImpl.java.html"><b><i>View Source</i></b>
48   * </a>
49   *
50   * @author Scott Lee
51   */
52  public class PasswordPolicyLocalServiceImpl
53      extends PasswordPolicyLocalServiceBaseImpl {
54  
55      public PasswordPolicy addPasswordPolicy(
56              long userId, boolean defaultPolicy, String name, String description,
57              boolean changeable, boolean changeRequired, long minAge,
58              boolean checkSyntax, boolean allowDictionaryWords, int minLength,
59              boolean history, int historyCount, boolean expireable, long maxAge,
60              long warningTime, int graceLimit, boolean lockout, int maxFailure,
61              long lockoutDuration, long resetFailureCount)
62          throws PortalException, SystemException {
63  
64          // Password policy
65  
66          User user = userPersistence.findByPrimaryKey(userId);
67          Date now = new Date();
68  
69          validate(0, user.getCompanyId(), name);
70  
71          long passwordPolicyId = counterLocalService.increment();
72  
73          PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
74              passwordPolicyId);
75  
76          passwordPolicy.setUserId(userId);
77          passwordPolicy.setCompanyId(user.getCompanyId());
78          passwordPolicy.setUserName(user.getFullName());
79          passwordPolicy.setCreateDate(now);
80          passwordPolicy.setModifiedDate(now);
81          passwordPolicy.setDefaultPolicy(defaultPolicy);
82          passwordPolicy.setName(name);
83          passwordPolicy.setDescription(description);
84          passwordPolicy.setChangeable(changeable);
85          passwordPolicy.setChangeRequired(changeRequired);
86          passwordPolicy.setMinAge(minAge);
87          passwordPolicy.setCheckSyntax(checkSyntax);
88          passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
89          passwordPolicy.setMinLength(minLength);
90          passwordPolicy.setHistory(history);
91          passwordPolicy.setHistoryCount(historyCount);
92          passwordPolicy.setExpireable(expireable);
93          passwordPolicy.setMaxAge(maxAge);
94          passwordPolicy.setWarningTime(warningTime);
95          passwordPolicy.setGraceLimit(graceLimit);
96          passwordPolicy.setLockout(lockout);
97          passwordPolicy.setMaxFailure(maxFailure);
98          passwordPolicy.setLockoutDuration(lockoutDuration);
99          passwordPolicy.setRequireUnlock(lockoutDuration == 0);
100         passwordPolicy.setResetFailureCount(resetFailureCount);
101 
102         passwordPolicyPersistence.update(passwordPolicy, false);
103 
104         // Resources
105 
106         if (!user.isDefaultUser()) {
107             resourceLocalService.addResources(
108                 user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
109                 passwordPolicy.getPasswordPolicyId(), false, false, false);
110         }
111 
112         return passwordPolicy;
113     }
114 
115     public void checkDefaultPasswordPolicy(long companyId)
116         throws PortalException, SystemException {
117 
118         String defaultPasswordPolicyName =
119             PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
120 
121         PasswordPolicy defaultPasswordPolicy =
122             passwordPolicyPersistence.fetchByC_N(
123                 companyId, defaultPasswordPolicyName);
124 
125         if (defaultPasswordPolicy == null) {
126             long defaultUserId = userLocalService.getDefaultUserId(companyId);
127 
128             addPasswordPolicy(
129                 defaultUserId, true, defaultPasswordPolicyName,
130                 defaultPasswordPolicyName, true, false, 0, false, true, 6,
131                 false, 6, false, 8640000, 86400, 0, false, 3, 0, 600);
132         }
133     }
134 
135     public void deletePasswordPolicy(long passwordPolicyId)
136         throws PortalException, SystemException {
137 
138         PasswordPolicy passwordPolicy =
139             passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
140 
141         if (passwordPolicy.isDefaultPolicy()) {
142             throw new RequiredPasswordPolicyException();
143         }
144 
145         // Resources
146 
147         resourceLocalService.deleteResource(
148             passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
149             ResourceConstants.SCOPE_INDIVIDUAL,
150             passwordPolicy.getPasswordPolicyId());
151 
152         // Password policy
153 
154         passwordPolicyPersistence.remove(passwordPolicy);
155     }
156 
157     public PasswordPolicy getDefaultPasswordPolicy(long companyId)
158         throws PortalException, SystemException {
159 
160         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
161             return null;
162         }
163 
164         return passwordPolicyPersistence.findByC_DP(companyId, true);
165     }
166 
167     public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
168         throws PortalException, SystemException {
169 
170         return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
171     }
172 
173     /**
174      * @deprecated
175      */
176     public PasswordPolicy getPasswordPolicy(
177             long companyId, long organizationId, long locationId)
178         throws PortalException, SystemException {
179 
180         return getPasswordPolicy(
181             companyId, new long[] {organizationId, locationId});
182     }
183 
184     public PasswordPolicy getPasswordPolicy(
185             long companyId, long[] organizationIds)
186         throws PortalException, SystemException {
187 
188         if (PortalLDAPUtil.isPasswordPolicyEnabled(companyId)) {
189             return null;
190         }
191 
192         PasswordPolicyRel passwordPolicyRel = null;
193 
194         // Check for password policy specifically assigned to any of the
195         // organizations
196 
197         for (int i = 0; i < organizationIds.length; i++) {
198             long organizationId = organizationIds[i];
199 
200             try {
201                 passwordPolicyRel =
202                     passwordPolicyRelLocalService.getPasswordPolicyRel(
203                         Organization.class.getName(), organizationId);
204 
205                 return getPasswordPolicy(
206                     passwordPolicyRel.getPasswordPolicyId());
207             }
208             catch (NoSuchPasswordPolicyRelException nsppre) {
209             }
210         }
211 
212         // Get default password policy
213 
214         return getDefaultPasswordPolicy(companyId);
215     }
216 
217     public PasswordPolicy getPasswordPolicyByUserId(long userId)
218         throws PortalException, SystemException {
219 
220         User user = userPersistence.findByPrimaryKey(userId);
221 
222         if (PortalLDAPUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
223             return null;
224         }
225 
226         PasswordPolicyRel passwordPolicyRel = null;
227 
228         // Check for password policy specifically assigned to this user
229 
230         try {
231             passwordPolicyRel =
232                 passwordPolicyRelLocalService.getPasswordPolicyRel(
233                     User.class.getName(), userId);
234 
235             return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
236         }
237         catch (NoSuchPasswordPolicyRelException nsppre) {
238         }
239 
240         long[] organizationIds = user.getOrganizationIds();
241 
242         return getPasswordPolicy(user.getCompanyId(), organizationIds);
243     }
244 
245     public List<PasswordPolicy> search(
246             long companyId, String name, int start, int end,
247             OrderByComparator obc)
248         throws SystemException {
249 
250         return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
251     }
252 
253     public int searchCount(long companyId, String name)
254         throws SystemException {
255 
256         return passwordPolicyFinder.countByC_N(companyId, name);
257     }
258 
259     public PasswordPolicy updatePasswordPolicy(
260             long passwordPolicyId, String name, String description,
261             boolean changeable, boolean changeRequired, long minAge,
262             boolean checkSyntax, boolean allowDictionaryWords, int minLength,
263             boolean history, int historyCount, boolean expireable, long maxAge,
264             long warningTime, int graceLimit, boolean lockout, int maxFailure,
265             long lockoutDuration, long resetFailureCount)
266         throws PortalException, SystemException {
267 
268         Date now = new Date();
269 
270         PasswordPolicy passwordPolicy =
271             passwordPolicyPersistence.findByPrimaryKey(
272                 passwordPolicyId);
273 
274         if (!passwordPolicy.getDefaultPolicy()) {
275             validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
276 
277             passwordPolicy.setName(name);
278         }
279 
280         passwordPolicy.setModifiedDate(now);
281         passwordPolicy.setDescription(description);
282         passwordPolicy.setChangeable(changeable);
283         passwordPolicy.setChangeRequired(changeRequired);
284         passwordPolicy.setMinAge(minAge);
285         passwordPolicy.setCheckSyntax(checkSyntax);
286         passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
287         passwordPolicy.setMinLength(minLength);
288         passwordPolicy.setHistory(history);
289         passwordPolicy.setHistoryCount(historyCount);
290         passwordPolicy.setExpireable(expireable);
291         passwordPolicy.setMaxAge(maxAge);
292         passwordPolicy.setWarningTime(warningTime);
293         passwordPolicy.setGraceLimit(graceLimit);
294         passwordPolicy.setLockout(lockout);
295         passwordPolicy.setMaxFailure(maxFailure);
296         passwordPolicy.setLockoutDuration(lockoutDuration);
297         passwordPolicy.setRequireUnlock(lockoutDuration == 0);
298         passwordPolicy.setResetFailureCount(resetFailureCount);
299 
300         passwordPolicyPersistence.update(passwordPolicy, false);
301 
302         return passwordPolicy;
303     }
304 
305     protected void validate(long passwordPolicyId, long companyId, String name)
306         throws PortalException, SystemException {
307 
308         if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
309             (name.indexOf(StringPool.COMMA) != -1) ||
310             (name.indexOf(StringPool.STAR) != -1)) {
311 
312             throw new PasswordPolicyNameException();
313         }
314 
315         PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
316             companyId, name);
317 
318         if (passwordPolicy != null) {
319             if ((passwordPolicyId <= 0) ||
320                 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
321 
322                 throw new DuplicatePasswordPolicyException();
323             }
324         }
325     }
326 
327 }